Update Analysis.md

2019-10-11 16:26:26 +02:00 · 2019-10-11 16:26:26 +02:00 · 32f45ef811
commit 32f45ef811
parent f0c7967bd7
1 changed files with 3 additions and 3 deletions
--- a/Indian/APT/SideWinder/11-10-2019/Analysis.md
+++ b/Indian/APT/SideWinder/11-10-2019/Analysis.md
@ -1,4 +1,4 @@
-# Analysis of the new TA505 campaign
+# The SideWinder campaign continue
 ## Table of Contents
 * [Malware analysis](#Malware-analysis)
 * [Cyber Threat Intel](#Cyber-Threat-Intel)
@ -11,7 +11,7 @@

 ## Malware analysis <a name="Malware-analysis"></a>
 ###### The initial vector is a malicious excel file which used an XLM macro (macro v4). This uses a function for launch the payload when the excel windows is active (selected as primary window). As first action, this executes the module 1.
-![alt text](https://raw.githubusercontent.com/StrangerealIntel/CyberThreatIntel/master/cybercriminal%20groups/TA505/04-10-2019/Images/Autoopen.PNG)
+![alt text]()

 ## Cyber Threat Intel <a name="Cyber-Threat-Intel"></a>
 ###### 
@ -37,6 +37,6 @@
 ###### Original tweet: 
 * [https://twitter.com/Timele9527/status/1182587382626996224](https://twitter.com/Timele9527/status/1182587382626996224) <a name="Original-Tweet"></a>
 ###### Links Anyrun: <a name="Links-Anyrun"></a>
-* [Letter 7711.xls](https://app.any.run/tasks/7cdd1bfc-f0a3-4dd6-a29c-5ed70a77e76c)
+* [zhengce.doc](https://app.any.run/tasks/7cdd1bfc-f0a3-4dd6-a29c-5ed70a77e76c)
 ###### Ressources:
 * [DotNetToJScript](https://github.com/tyranid/DotNetToJScript)